New Media and Technology Law Blog

Tag Archives: CFAA

District Court Decision Brings New Life to CFAA to Combat Unwanted Scraping

On October 24, 2022, a Delaware district court held that certain claims under the Computer Fraud and Abuse Act (CFAA) relating to the controversial practice of web scraping were sufficient to survive the defendant’s motion to dismiss. (Ryanair DAC v. Booking Holdings Inc., No. 20-01191 (D. Del. Oct. 24, 2022)). The opinion potentially breathes life … Continue Reading

DOJ Revises Policy for CFAA Prosecution to Reflect Developments in Web Scraping and Other Matters

On May 19, 2022, the Department of Justice (DOJ) announced that it had revised its policy regarding prosecution under the federal anti-hacking statute, the Computer Fraud and Abuse Act (CFAA). Since the DOJ last made changes to its CFAA policy in 2014, there have been a number of relevant developments in technology and business practices, … Continue Reading

Southwest Airlines Wins Injunction Barring Travel Site from Scraping

UPDATE: On December 23, 2021, the parties reached a settlement, as Southwest filed an unopposed motion for entry of final judgment and a permanent injunction containing the same restrictions as the temporary injunction issued in September. Under the proposed permanent injunction, Kiwi would be barred from scraping flight and fare information from Southwest’s site, publishing … Continue Reading

Southwest Airlines Sues to Stop Web Scraping of Fare Information

On January 14, 2021, Southwest Airlines Co. (“Southwest”) filed a complaint in a Texas district court against an online travel site, Kiwi.com, Inc. (“Kiwi”), alleging, among other things, that Kiwi’s scraping of fare information from Southwest’s website constituted a breach of contract and a violation of the Computer Fraud and Abuse Act (CFAA). (Southwest Airlines … Continue Reading

Circuit Court Denies LinkedIn’s Petition for En Banc Review of hiQ Scraping Decision

Last month, LinkedIn Corp. (“LinkedIn”) filed a petition for rehearing en banc of the Ninth Circuit’s blockbuster decision in hiQ Labs, Inc. v. LinkedIn Corp., No. 17-16783 (9th Cir. Sept. 9, 2019). The crucial question before the original panel concerned the scope of Computer Fraud and Abuse Act (CFAA) liability to unwanted web scraping of publicly available social media … Continue Reading

LinkedIn Petitions Circuit Court for En Banc Review of hiQ Scraping Decision

On October 11, 2019, LinkedIn Corp. (“LinkedIn”) filed a petition for rehearing en banc of the Ninth Circuit’s blockbuster decision in hiQ Labs, Inc. v. LinkedIn Corp., No. 17-16783 (9th Cir. Sept. 9, 2019). The crucial question before the original panel concerned the scope of Computer Fraud and Abuse Act (CFAA) liability to unwanted web … Continue Reading

Court Denies TRO against Data Scraper That Accessed Private Database via Registered Accounts

UPDATE:  On October 22, 2018, the court denied the defendant’s CEO’s motion to dismiss for lack of personal jurisdiction. Subsequently, on January 2, 2019, the parties settled the matter and stipulated to a dismissal of the case. This past week, a Texas district court denied a bid from a web service for a temporary restraining … Continue Reading

Researchers May Challenge the Constitutionality of the CFAA “Access” Provision as Applied to Web Scraping

Such Scraping “Plausibly Falls within the Ambit of the First Amendment” The Ninth Circuit is currently considering the appeal of the landmark hiQ decision, where a lower court had granted an injunction that limited the applicability of the federal Computer Fraud and Abuse Act (CFAA) to the blocking of an entity engaging in commercial data … Continue Reading

Data Aggregator Seeks Ruling Allowing It to Scrape Public LinkedIn Data

UPDATE:  On February 22, 2018, the district court granted 3taps’s motion to relate its action to the ongoing hiQ v. LinkedIn litigation. This motion was based upon a local Northern District of California rule that holds that cases should be related when the actions concern substantially the same parties, transaction or event, and there would … Continue Reading

CFAA “Unauthorized Access” Web Scraping Claim against Ticket Broker Dismissed Because Revocation of Access Not Expressed in Cease and Desist Letter

A California district court issued an important opinion in a dispute between a ticket sales platform and a ticket broker that employed automated bots to purchase tickets in bulk. (Ticketmaster L.L.C. v. Prestige Entertainment, Inc., No. 17-07232 (C.D. Cal. Jan. 31, 2018)). For those of us who have been following the evolution of the law … Continue Reading

Supreme Court Denies Appeals of Notable Data Scraping, Computer Fraud Decisions from Ninth Circuit

This past week, the Supreme Court denied the petitions for certiorari in two noteworthy Ninth Circuit decisions that had interpreted the scope of liability under the federal Computer Fraud and Abuse Act (CFAA) in the context of wrongful access of company networks by employees and in instances involving unwanted data scraping from publicly available websites. … Continue Reading

CFAA Double Feature: Ninth Circuit Issues Two Important Decisions on the Scope of Liability Related to Data Scraping and Unauthorized Access to Employer Databases

UPDATE: On January 18, 2019, the Ninth Circuit affirmed the award of damages and injunctive relief in favor of Facebook. (Facebook, Inc. v. Power Ventures, Inc., No. 17-16161 (9th Cir. Jan. 18, 2019) (unpublished)). The California district court in 2017 had awarded Facebook almost $80,000 in CFAA damages, representing only the period after Facebook sent its … Continue Reading

Craigslist Files Another Suit against Data Scraper

For years, craigslist has aggressively used technological and legal methods to prevent unauthorized parties from scraping, linking to or accessing user postings for their own commercial purposes.  In a prior post, we briefly discussed craigslist’s action against a certain aggregator that was scraping content from the craigslist site (despite having received a cease and desist … Continue Reading

No Expansion of CFAA Liability for Monetary Exploit of Software Bug

In the game Monopoly, lucky players landing on Community Chest might turn over the highly desirable “Bank Error in Your Favor, Collect $200” card.  By the next turn, the proceeds are usually invested in properties and houses, yet, some might wonder whether accepting such a windfall was proper in the first place…or could lead to … Continue Reading

Applying 9th Circuit LVRC v. Brekka Ruling, District Court Dismisses Most CFAA Criminal Charges in United States v. Nosal

UPDATE: As discussed in this blog post, a panel of the U.S. Court of Appeals for the Ninth Circuit overruled the district court in United States v. Nosal (9th Cir. Apr. 28, 2011). ******** The debate over the applicability of the Computer Fraud and Abuse Act in cases of alleged employee disloyalty has yielded quite … Continue Reading

Citing Plain Language of the Computer Fraud and Abuse Act, Ninth Circuit Rules Employee’s Disloyal Act Does Not Terminate Authorization to Access Employer’s Computer

The federal Computer Fraud and Abuse Act, 18 U.S.C. §1030, criminalizes access to a computer that is either “"without authorization"” or that "“exceed[s] authorized access,"” and provides a civil right of action for violations as well. In the last several years, a split has developed in the federal courts on the question of whether an … Continue Reading

Facebook Takes a Page from Ticketmaster’s Playbook: Block Unauthorized Web Site Access with Carefully Drafted Terms of Use

In 2007, Ticketmaster brought a multi-count complaint against RMG Technologies, a software company that supplied ticket brokers with software that enabled them to automatically and rapidly access Ticketmaster’s Web site, to the detriment of ordinary users seeking tickets to popular events. The Ticketmaster v. RMG complaint was notable for stating a series of claims that … Continue Reading
LexBlog

This website uses third party cookies, over which we have no control. To deactivate the use of third party advertising cookies, you should alter the settings in your browser.

OK